1. Home
  2. CVE Database
  3. CVE-2020-8107
HIGH · 8.2

CVE-2020-8107

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bit...

Vulnerability Description

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
BitdefenderAntivirus Plus< 24.0.26.136
BitdefenderInternet Security< 24.0.26.136
BitdefenderTotal Security< 24.0.26.136

Related Weaknesses (CWE)

CWE-114

References

FAQ

What is CVE-2020-8107?

CVE-2020-8107 is a vulnerability with a CVSS score of 8.2 (HIGH). A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bit...

How severe is CVE-2020-8107?

CVE-2020-8107 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-8107?

Check the references section above for vendor advisories and patch information. Affected products include: Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security.